- Vulnerability/
- USN-4187-1
USN-4187-1: Linux kernel vulnerability
First published: Wed Nov 13 2019(Updated: )
Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/linux-image-server | <3.13.0.175.186 | 3.13.0.175.186 |
| =14.04 | ||
| All of | ||
| ubuntu/linux-image-3.13.0-175-generic | <3.13.0-175.226 | 3.13.0-175.226 |
| =14.04 | ||
| All of | ||
| ubuntu/linux-image-3.13.0-175-lowlatency | <3.13.0-175.226 | 3.13.0-175.226 |
| =14.04 | ||
| All of | ||
| ubuntu/linux-image-virtual | <3.13.0.175.186 | 3.13.0.175.186 |
| =14.04 | ||
| All of | ||
| ubuntu/linux-image-3.13.0-175-generic-lpae | <3.13.0-175.226 | 3.13.0-175.226 |
| =14.04 | ||
| All of | ||
| ubuntu/linux-image-generic | <3.13.0.175.186 | 3.13.0.175.186 |
| =14.04 | ||
| All of | ||
| ubuntu/linux-image-generic-lpae | <3.13.0.175.186 | 3.13.0.175.186 |
| =14.04 | ||
| All of | ||
| ubuntu/linux-image-lowlatency | <3.13.0.175.186 | 3.13.0.175.186 |
| =14.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2019-11135
- https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/TAA_MCEPSC_i915
- https://ubuntu.com/security/notices/USN-4186-1
- https://ubuntu.com/security/notices/USN-4182-2
- https://ubuntu.com/security/notices/USN-4186-2
- https://ubuntu.com/security/notices/USN-4182-1
- https://ubuntu.com/security/notices/USN-4188-1
- https://ubuntu.com/security/notices/USN-4184-1
- https://ubuntu.com/security/notices/USN-4185-2
- https://ubuntu.com/security/notices/USN-4185-1
- https://ubuntu.com/security/notices/USN-4183-1
- https://launchpad.net/ubuntu/+source/linux/3.13.0-175.226
- https://ubuntu.com/security/notices/USN-4187-1 (Advisory)
Frequently Asked Questions
What is the vulnerability ID of USN-4187-1?
The vulnerability ID of USN-4187-1 is CVE-2019-11135.
How severe is the USN-4187-1 vulnerability?
The severity of the USN-4187-1 vulnerability is not specified.
What software versions are affected by USN-4187-1?
The affected software versions are Linux kernels 3.13.0.175.186, 3.13.0-175.226, and 3.13.0.175.186.
How do I fix the USN-4187-1 vulnerability?
To fix the USN-4187-1 vulnerability, update your Linux kernel to version 3.13.0.175.186 or later.
Where can I find more information about USN-4187-1?
You can find more information about USN-4187-1 on the Ubuntu Security Notices page.
- agent/severity
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/event
- agent/title
- agent/description
- agent/references
- agent/tags
- agent/trending
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/14.04